Out-of-Band Authentication (OOBA)

What Does Out-of-Band Authentication (OOBA) Mean?

Out of band authentication (OOBA) is a term for a process where authentication requires two different signals from two different networks or channels. These kinds of more sophisticated authentication prevent many kinds of fraud and hacking. Out-of-band authentication will effectively block many of the most common kinds of hacking and identity theft in online banking.

Techopedia Explains Out-of-Band Authentication (OOBA)

The essential idea behind out-of-band authentication is that by using two different channels, authentication systems can guard against fraudulent users that may only have access to one of these channels.

One of the most common examples of out-of-band authentication is in banking transactions. Typically, a customer wishing to do an online bank transaction will be sent an SMS message by cell phone with a password. This way, any hackers or identity thieves that have access through key loggers or other equipment will not be able to access that particular password, because it is sent over a 3G or 4G wireless network instead of being sent over the Internet. This type of authentication can be extremely effective as long as fraudulent operators haven’t somehow gained access to the user’s cell phone system as well. Sophisticated hacking that is able to access the SMS message and password is often called a man-in-the-middle attack. In general, a man-in-the-middle attack involves creating a dummy network that will trick the victim into thinking that it is a legitimate network. If the actor can intercept the user’s cell phone communications, it may be possible to overcome out-of-band authentication security protocols.